Enable the Nginx web server with PHP

PHP settings are taken from the NixOS wiki at
<https://nixos.wiki/wiki/Nginx>.

configuration.nix

@@ -21,6 +21,7 @@
     hostName = "vps749417";
     useDHCP = false;
     interfaces.ens3.useDHCP = true;
+    firewall.allowedTCPPorts = [ 22 80 443 ];
   };
 
   # Time zone
@@ -37,6 +38,35 @@
     passwordAuthentication = false;
   };
 
+  # Nginx web server
+  services.nginx = {
+    enable = true;
+    virtualHosts."www.beffara.org" = {
+      forceSSL = true;
+      root = "/data/web/root";
+      sslCertificate = "/data/web/cert/beffara.org.crt";
+      sslCertificateKey = "/data/web/cert/beffara.org.key";
+      locations."~ \.php$".extraConfig = ''
+        fastcgi_pass  unix:${config.services.phpfpm.pools.web.socket};
+        fastcgi_index index.php;
+      '';
+    };
+  };
+
+  # FastCGI server for PHP
+  services.phpfpm.pools.web = {
+    user = "nobody";
+    settings = {
+      "listen.owner" = config.services.nginx.user;
+      "pm" = "dynamic";
+      "pm.max_children" = 5;
+      "pm.start_servers" = 2;
+      "pm.min_spare_servers" = 1;
+      "pm.max_spare_servers" = 3;
+      "pm.max_requests" = 500;
+    };
+  };
+
   # Initial user account
   users.users.manu = {
     isNormalUser = true;